Changes

SPO600 Servers

2,450 bytes added, 17:16, 7 March 2022

→‎Common SSH Problems

[[Category:SPO600]]

== Preparatory Steps ==

In order to gain access to these computers, you must send an [[SSH]] key to your [[User:Chris Tyler|professor]]. <!-- Please follow these instructions exactly:

# Follow the steps outlined under [[SSH#Using_Public_Keys_with_SSH|Using Public Keys with SSH]] to create your key.

# Copy the public key (<code>id_rsa.pub</code> or <code>id_dsa.pub</code>) to a file named <code>''yourUserId''.pub</code> -- for example, if your chosen user ID is "jldoe", save the key in the file <code>jdoe.pub</code> using a command such as: <code>cp ~/.ssh/id_rsa.pub ''jdoe''.pub</code>

# Attach that file to an e-mail message and send it to [mailto:chris.tyler@senecacollege.ca chris.tyler@senecacollege.ca] with the subject line "SPO600 Key".-->

An account will be created within a few work days of sending the key.

{{Admon/tip|Check Your Key!|Your professor uses an automated script to create accounts, so the key must be valid, in the OpenSSH format, and correctly named in order to work successfully.}}

== Available Servers ==

<!-- {{Admon/important|~~Server Changes~~Content being Updated|~~The server configurations have changed several times changed --~~ This page is in the process of being updated from a previous ~~mentions of these systems by name may have referred to different hardware~~semester's content. ~~Note that~~ The SPO600 servers ~~may~~ will be set up in a new configuration later this semester, and this information will be ~~added or~~ updated. Do not rely on this information until this warning is removed ~~as the semester proceeds~~.}}

{{Admon/important|Server Changes|The server configurations have changed several times -- previous mentions of these systems by name may have referred to different hardware. Note that servers may be added or removed as the semester proceeds.}} -->

~~=== AArch64: aarchie ===~~The names of servers within CDOT are based on the names of countries. There is no significance to the country names.

~~A main~~ === AArch64 ~~system is available, known as ''aarchie''. This machine has a lot of weak cores. You can access this system at the hostname aarchie~~: israel.cdot.systems~~; if you're using a command-line ssh system, you can access aarchie with a command such as this:~~===

~~ssh~~ A main AArch64 system is available, known as ''~~username~~israel''~~@aarchie~~. This machine has a lot of mid-range cores. You can access this system at the hostname israel.cdot.systems; if you're using a command-line ssh system, you can access aarchie with a command such as this:

ssh ''username''@israel.cdot.systems<!-- === AArch64: bbetty ===

Another type AArch64 system is available as ''bbetty''. This machine has a moderate number of low-medium cores. This is a system that is currently located inside the [[EHL]]. To connect to this system, you have to go through the EHL gateway on port 2200.

ssh ''username''@israel.cdot.systems

-->

=== x86_64: portugal.cdot.systems ===

~~===~~ The x86_64server system is known as ''portugal''. If you're using a command-line ssh system, you can access xerxes with a command such as this: ~~xerxes ===~~

~~The x86_64 server system is known as ''xerxes''. If you're using a command-line ssh system, you can access xerxes with a command such as this:~~ ssh ''username''@~~xerxes~~portugal.cdot.systems

== Simplified SSH Access ==

Host "xerxes"

hostname "xerxes.cdot.systems"

user "YourUserId" ~~-->~~

Host "aarchie"

user "YourUserID"

port 2205

-->

Host "portugal"

hostname "portugal.cdot.systems"

user "YourUserID"

Host "israel"

user "YourUserID"

<!-- Host "xerxes"

hostname "xerxes.cdot.systems"

user "YourUserID"

-->

Once you have added these lines (inserting your user ID where appropriate) and set the permission on that file (<code>chmod 0600 ~/.ssh/config</code>) you can use these commands to access the servers:

~~ssh aarchie~~

~~ssh bbetty~~

~~ssh ccharlie~~

ssh israel

ssh ~~xerxes~~portugal

You can similarly configure simplified access in most other SSH client programs.

~~== SSH Access from Other Client Systems ==~~

~~If you wish~~ == Multiuser Access == Remember that these machines are multi-user systems. Use the <code>w</code> or <code>who</code> commands to ~~access the servers from additional computers,~~ see who else is using them; you can ~~append~~ also try using the ~~SSH public keys from those computers~~ <code>write</code> command to communicate with another user if required. == Passwords == Your password on each of these systems has been set to a random string (different on each host). You can find out the original random password by viewing the file <code>~/password.~~ssh~~txt</~~authorized_keys~~code> and you can change the password with the <code>passwd</code> ~~file~~command. Your password is used for sudo access (see the next section).

{{Admon/caution|Danger! Use Superuser privilege at your Own Risk.|Note that the use of the superuser account via <code>sudo</code> removes almost all restrictions on what you can do. It is easily possible for you to completely destroy the operating system! Take your time, double-check your commands, and if in doubt, ask. Be aware that your actions may affect other users and vice-versa.}}

{{Admon/caution|~~Do Not~~ DO NOT Build or Install Software ~~Except Via~~ as Root except via RPM (dnf/yum) or DEB (apt)|Do not build or install software as the root user (using <code>sudo</code>), except in RPM or DEB form using the <code>dnf</code>/<code>yum</code> or <code>apt</code> commands (as appropriate to the system). Building or installing software as root may overwrite system files and be very difficult to track down.<br /><br />It is OK to install software into your own directories (e.g., <code>~/bin</code> or <code>~/local</code>), which can be done without root privilege.}}

In order to use <code>sudo</code>, you will need to know your password. An initial random password is provided in the file <code>~/password.txt</code> (note that your password will be different on each server). Feel free to change this with the <code>passwd</code> command -- not by editing the file, which is provided only for your information!

~~== Multiuser Access ==~~

~~Remember that these machines are multi-user systems. Use~~ == SSH Access from Other Client Systems == If you wish to access the servers from additional computers, you can append the SSH public keys from those computers to the <code>w<~/.ssh/~~code> or <code>who~~authorized_keys</code> ~~commands to see who else is using them;~~ file. Alternately, you can ~~also try using~~ copy the ~~<code>write</code> command~~ private key from one client system to ~~communicate with~~ another ~~user if required~~(e.g., your laptop to your desktop).

== OS Versions ==

~~Note that~~ The current servers are both running Fedora 35 and will be updated from time to time. The machines may not be updated at the same time, so the ~~servers~~ versions of software may vary slightly. The kernel versions may ~~have different operating system releases~~also vary between the systems because of kernel hardware support.

== Backup Your Accounts ==

# If your SSH public key is not named <code>~/.ssh/id_rsa</code>, your SSH client may not automatically find it. You can specify the identity (private key) file using the <code>-i</code> argument to the SSH command.}}

~~With other~~ ==== Debugging SSH ~~clients~~Connection Problems ==== ===== Situation 1:The SSH client asks you for a passphrase ===== ~~# Your key~~ The passphrase is the one you provided when you created your SSH keys. You must be remember this passphrase in ~~OpenSSH format when~~ order to successfully unlock your private key. If you do not remember your passphrase, you will need to create a new pair of keys and re-send it the public key to your professor~~; this format is used~~ :# Create the keys with <code>ssh-keygen -t ed25591</code># Copy the public key (which by ~~the~~ default ~~SSH client on Mac OS~~will be named <code>~/.ssh/id_ed25519.pub</code>) to a file named <code>'''UserId'''.pub</X code> where '''UserId''' is your Seneca User ID.# Attach that file to an e-mail message and ~~Linux as well as PuTTY~~send it to your professor. ~~If it is in SSH2 format, used by some other~~ ===== Situation 2: The SSH client ~~programs,~~ asks you ~~can convert it with this command on~~ for a ~~Linux system with OpenSSH (such as Matrix):~~password =====

The password is for the remote system, but the SSH client will only ask you for a password if it is unable to authenticate using your keys. If that is the case, then one of your keys is corrupted, missing, has the wrong permission, or can't be found by the SSH client.# If you're using OpenSSH, try using the <code>-i</code> argument to tell the client which private key identity file to use: <code>ssh~~-keygen~~ -i ~~-f ~~~/.path/to/ssh/~~''SSH2_PUBLIC_KEY_FILE''~~PrivateKey ...~~pub~~ </code> ~/# Check the permissions on the private key and the directory holding the private key.~~ssh/''OPENSSH_PUBLIC_KEY_FILE''~~# If necessary, generate a new key and send it to your professor (see the previous section).~~pub~~

~~Your professor will do this automatically as part of~~ ===== Getting Verbose Output ===== To see what the ~~key processing; however~~OpenSSH client program is doing, you ~~will need to manually perform this step for any keys that you append~~ can use the <code>-v</code> (verbose) argument, up to ~~your~~ three times: <code>~/ssh -vvv ...~~ssh/authorized_keys~~</code> By reading through the output carefully, you can see what the OpenSSH client program is doing, and address any problems that arise (such as permission or file(snaming issues).

== Disconnect/Reconnect Ability ==

The [[Screen Tutorial|screen]] utility provides disconnect/reconnect capability, which is very useful for unstable network connections, long interactive operations, and changing your work location.

Other programs such as tmux provide similar capability.

For graphical disconnect/reconnect capability, consider using VNC.

Chris Tyler

Bureaucrats, Administrators

1,885

edits

Changes

SPO600 Servers

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

get involved with CDOT

courses

course projects

links

Tools